- Logging into docker-machine:
docker-machine ssh default
- Create temporary working directory and changing to:
mkdir kerio && cd kerio
- Download latest DEB-package of Kerio VPN client:
wget https://cdn.kerio.com/dwn/kerio-control-vpnclient-linux-amd64.deb
- Unpack the package using
ar
utility:ar -x kerio-control-vpnclient-linux-amd64.deb
- Unpack internal archives:
tar -xzvf control.tar.gz
tar -xJvf data.tar.xz
- Copy all the shared libraries
sudo cp usr/lib/libkvnet.so /usr/lib
sudo cp usr/lib/libktssl.so.1.0.0 /usr/lib
sudo cp usr/lib/libktcrypto.so.1.0.0 /usr/lib
sudo cp usr/lib/libktz.so.1 /usr/lib
- Copy the binary executable file:
sudo cp usr/sbin/kvpncsvc /usr/sbin/
- Copy the running script:
sudo cp etc/init.d/kerio-kvc /etc/init.d/
- (optional) Installing
vim
(to edit configuration):tce-load -wi vim
- Generate fingerprint of the VPN server (4090 is the default port, could be any):
openssl s_client -connect "vpn-server.com:4090" 2>/dev/null | openssl x509 -fingerprint -md5 -noout | sed s'/.*=//'
(it would be necessary to break the connection using CTRL+C and copy the output value, which looks like: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF
)
- Create the Kerio VPN Client config:
sudo vim /etc/kerio-kvc.conf
(change server address, username and password, and fingerprint, also could be added port – using<port></port>
param)
<?xml version="1.0" encoding="UTF-8"?>
<config>
<connections>
<connection type="persistent">
<server>vpn-server.com</server>
<username>{vpn-user}</username>
<password>D3S:{password-hash}</password>
<fingerprint>00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF</fingerprint>
<active>1</active>
</connection>
</connections>
</config>
(the easiest way to configure is to copy params from macOS Kerio VPN client config, it's located here: ~/.kerio/vpnclient/user.cfg
)
- Change mode of the config:
sudo chmod 0600 /etc/kerio-kvc.conf
- Run the VPN Client:
sudo /etc/init.d/kerio-kvc start
Another way is to run full script:
- Replace environment variables with your values:
export VPN_SERVER=<VPN_URL> PASSWORD_HASH=<PASSWORD_HASH> VPN_USER=<VPN_USER>
- Run script:
mkdir kerio && cd kerio
wget https://cdn.kerio.com/dwn/kerio-control-vpnclient-linux-amd64.deb
ar -x kerio-control-vpnclient-linux-amd64.deb
tar -xzvf control.tar.gz
tar -xJvf data.tar.xz
sudo VPN_SERVER=$VPN_SERVER PASSWORD_HASH=$PASSWORD_HASH VPN_USER=$VPN_USER su
cp usr/lib/libkvnet.so /usr/lib
cp usr/lib/libktssl.so.1.0.0 /usr/lib
cp usr/lib/libktcrypto.so.1.0.0 /usr/lib
cp usr/lib/libktz.so.1 /usr/lib
cp usr/sbin/kvpncsvc /usr/sbin/
cp etc/init.d/kerio-kvc /etc/init.d/
export VPN_FGPT=$(openssl s_client -connect "${VPN_SERVER}:4090" 2>/dev/null | openssl x509 -fingerprint -md5 -noout | sed s'/.*=//' &)
cat > /etc/kerio-kvc.conf <<EOF
<?xml version="1.0" encoding="UTF-8"?>
<config>
<connections>
<connection type="persistent">
<server>${VPN_SERVER}</server>
<username>${VPN_USER}</username>
<password>D3S:${PASSWORD_HASH}</password>
<fingerprint>$VPN_FGPT</fingerprint>
<active>1</active>
</connection>
</connections>
</config>
EOF
chmod 0600 /etc/kerio-kvc.conf
/etc/init.d/kerio-kvc start
exit
thx